CVE-2013-1843 – typo3/cms-core

Package

Manager: composer
Name: typo3/cms-core
Vulnerable Version: >=4.5.0 <4.5.24 || >=4.6.0 <4.6.17 || >=4.7.0 <4.7.9 || >=6.0.0 <6.0.3

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00634 pctl0.69487

Details

TYPO3 Open redirect vulnerability in the Access tracking mechanism Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Metadata

Created: 2022-05-17T05:08:47Z
Modified: 2023-08-28T23:52:28Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7gxq-5qqc-v3fc/GHSA-7gxq-5qqc-v3fc.json
CWE IDs: ["CWE-601"]
Alternative ID: GHSA-7gxq-5qqc-v3fc
Finding: F156
Auto approve: 1